Merge pull request #4 from okeuday/master

Fix tests.

Author: marianoguerra

src/jwt.erl

@@ -22,34 +22,37 @@ encode(Algorithm, Payload, Secret, HeaderExtra) ->
     {ok, <<DataEncoded/binary, $., SignatureEncoded/binary>>}.
 
 decode(Data, Secret) when is_binary(Data) ->
-    try binary:split(Data, [<<".">>], [global]) of
-        [HeaderEncoded, PayloadEncoded, SignatureEncoded] ->
-            Header = jsx:decode(base64url:decode(HeaderEncoded)),
-            Type = proplists:get_value(<<"typ">>, Header),
-            AlgorithmStr = proplists:get_value(<<"alg">>, Header),
-            Expiration = proplists:get_value(<<"exp">>, Header, noexp),
-            Algorithm = algorithm_to_atom(AlgorithmStr),
-            DataEncoded = <<HeaderEncoded/binary, $., PayloadEncoded/binary>>,
-            ActualSignature = get_signature(Algorithm, DataEncoded, Secret),
-            Signature = base64url:decode(SignatureEncoded),
-            Payload = jsx:decode(base64url:decode(PayloadEncoded)),
-            Jwt = #jwt{typ=Type, body=Payload, alg=Algorithm,
-                       sig=Signature, actual_sig=ActualSignature},
-            if
-                Signature =:= ActualSignature ->
-                    % TODO: leeway
-                    NowSecs = now_secs(),
-                    if
-                        Expiration == noexp orelse Expiration > NowSecs ->
-                            {ok, Jwt};
-                        true ->
-                            {error, {expired, Expiration}}
-                    end;
-                true ->
-                    {error, {badsig, Jwt}}
-            end;
-        _ ->
-            {error, badtoken}
+    try
+        case binary:split(Data, [<<".">>], [global]) of
+            [HeaderEncoded, PayloadEncoded, SignatureEncoded] ->
+                Header = jsx:decode(base64url:decode(HeaderEncoded)),
+                Type = proplists:get_value(<<"typ">>, Header),
+                AlgorithmStr = proplists:get_value(<<"alg">>, Header),
+                Expiration = proplists:get_value(<<"exp">>, Header, noexp),
+                Algorithm = algorithm_to_atom(AlgorithmStr),
+                DataEncoded = <<HeaderEncoded/binary, $.,
+                                PayloadEncoded/binary>>,
+                ActualSignature = get_signature(Algorithm, DataEncoded, Secret),
+                Signature = base64url:decode(SignatureEncoded),
+                Payload = base64url:decode(PayloadEncoded),
+                Jwt = #jwt{typ=Type, body=Payload, alg=Algorithm,
+                           sig=Signature, actual_sig=ActualSignature},
+                if
+                    Signature =:= ActualSignature ->
+                        % TODO: leeway
+                        NowSecs = now_secs(),
+                        if
+                            Expiration == noexp orelse Expiration > NowSecs ->
+                                {ok, Jwt};
+                            true ->
+                                {error, {expired, Expiration}}
+                        end;
+                    true ->
+                        {error, {badsig, Jwt}}
+                end;
+            _ ->
+                {error, badtoken}
+        end
     catch
         error:E ->
             {error, E}

test/jwt_SUITE.erl

@@ -1,11 +1,11 @@
 -module(jwt_SUITE).
 -compile(export_all).
 
--include("include/jwt.hrl").
+-include("jwt.hrl").
 
 all() ->
     [encode_decode, decode_with_bad_secret, decode_empty_token,
-     decode_bad_token, decode_bad_token_3_parts, decode_good,
+     decode_bad_token, decode_bad_token_3_parts, decode_bad_sig,
      decode_expired].
 
 init_per_suite(Config) -> 
@@ -31,10 +31,24 @@ decode_with_bad_secret(_) ->
     {ok, Jwt} = jwt:encode(hs256, [{name, <<"bob">>}, {age, 29}], <<"secret">>),
     {error, {badsig, _Decoded}} = jwt:decode(Jwt, <<"notsecret">>).
 
-decode_good(_) ->
-    {ok, Jwt} = jwt:decode(<<"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1IjoiYWRtaW4ifQ.KS4+DGuMMuJTcsDApSmmB11TR+O1FkeUu8ByL2qVUlk">>, <<"changeme">>),
-    Body = jsx:decode(Jwt#jwt.body),
-    <<"admin">> = proplists:get_value(<<"u">>, Body).
+decode_bad_sig(_) ->
+    Encoded = <<"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9."
+                "eyJ1IjoiYWRtaW4ifQ."
+                "KS4+DGuMMuJTcsDApSmmB11TR+O1FkeUu8ByL2qVUlk">>,
+    Signature = <<41,46,62,12,107,140,50,226,83,114,192,192,165,41,
+                  166,7,93,83,71,227,181,22,71,148,187,192,114,47,
+                  106,149,82,89>>,
+    ActualSignature = <<210,21,116,4,249,201,17,92,117,190,215,176,
+                        22,187,0,69,214,249,100,119,220,25,108,132,
+                        138,80,4,37,248,30,15,80>>,
+    {error,
+     {badsig,
+      #jwt{typ = <<"JWT">>,
+           body = <<"{\"u\":\"admin\"}">>,
+           alg = hs256,
+           sig = Signature,
+           actual_sig = ActualSignature}}} = jwt:decode(Encoded,
+                                                        <<"changeme">>).
 
 decode_empty_token(_) ->
     {error, badtoken} = jwt:decode(<<"">>, <<"secret">>).